Abstract
Cyberwarfare has rapidly ascended as a paramount domain in contemporary conflict, fundamentally reshaping the interplay between technological prowess and traditional military doctrines. This comprehensive report meticulously explores the intricate dimensions of cyberwarfare, commencing with a granular examination of its evolving definitions and a tracing of its historical genesis. It then proceeds to identify and analyze key state and non-state actors operating within this volatile landscape, detailing their diverse motivations, sophisticated capabilities, and prevalent tactical approaches. A significant portion of this analysis is dedicated to elucidating the profound and far-reaching implications of cyber conflicts for national security, international stability, and global economic integrity. Furthermore, the report rigorously addresses the complex ethical quandaries and formidable legal challenges inherent in conducting hostilities in the digital realm, ultimately venturing to forecast emergent trends that will likely define the future trajectory of cyber conflict. Through this in-depth exploration, the aim is to furnish a nuanced, professional, and extensively researched understanding of the strategic environment in which modern cyber conflicts are conceived, executed, and defended against.
Many thanks to our sponsor Esdebe who helped us prepare this research report.
1. Introduction
The advent of the digital age has precipitated a radical transformation in the very fabric of warfare, ushering in cyber operations as an indispensable component of statecraft and the broader spectrum of conflict. Cyberwarfare, in its essence, encapsulates the strategic utilization of digital attacks perpetrated by a state or state-sponsored actors against another, with the intent to inflict harm comparable to that of conventional warfare, or to critically disrupt vital computer systems, networks, and critical national infrastructure. These sophisticated attacks are not monolithic; they span a wide array of activities including, but not limited to, clandestine espionage, deliberate sabotage, targeted propaganda campaigns, economic manipulation, and overt information warfare. The ever-increasing global reliance on complex digital infrastructure – encompassing everything from national power grids and financial markets to communication networks and defense systems – has rendered nations acutely vulnerable to an expanding array of cyber threats. This pervasive vulnerability underscores the urgent and compelling necessity for a comprehensive, in-depth examination of this multifaceted phenomenon, its profound implications, and the strategies required to navigate its intricate challenges.
Traditionally, warfare was conceptualized within the confines of physical battlespaces: land, sea, and air. The latter half of the 20th century introduced space as a fifth domain. Now, cyberspace unequivocally stands as the sixth operational domain, characterized by its inherent intangibility, global reach, and the rapid pace of technological innovation that continually reshapes its contours. Unlike conventional conflicts, cyberwarfare often operates within a ‘grey zone’ – below the threshold of an armed attack that would trigger traditional military responses, yet capable of inflicting significant damage and destabilization. This ambiguity introduces unique challenges for deterrence, attribution, and response, necessitating novel approaches to national security and international relations. The strategic importance of understanding cyberwarfare is thus not merely academic; it is a critical imperative for policymakers, military strategists, and cybersecurity professionals worldwide.
2. Defining Cyberwarfare
The precise definition of cyberwarfare remains a subject of considerable debate among academics, policymakers, and legal experts, primarily due to the amorphous nature of cyber operations and the varying interpretations of what constitutes an ‘act of war’ in the digital realm. Broadly, cyberwarfare refers to the use of cyber attacks by one nation-state to disrupt, deny, degrade, or destroy the information systems and critical infrastructure of another nation-state (fiveable.me). However, this simple definition often fails to capture the full spectrum of activities involved.
Experts like Richard A. Clarke, a former U.S. counterterrorism advisor, popularized the term, defining it as ‘actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.’ This perspective emphasizes the destructive or disruptive intent and the state-on-state nature of the conflict. Conversely, some scholars argue for a broader interpretation, encompassing not just destructive attacks but also long-term espionage, information manipulation, and economic coercion, especially when such activities serve strategic national interests and are carried out by state-sponsored entities.
Central to the discussion is the ‘threshold’ problem: when does a cyber incident escalate to an act of war? International law, particularly the United Nations Charter, prohibits the use of force between states. Article 2(4) states that all members ‘shall refrain in their international relations from the threat or use of force against the territorial integrity or political independence of any state.’ Article 51 reserves the right of self-defense if an ‘armed attack’ occurs. Applying these concepts to cyberspace is profoundly challenging. A cyberattack causing physical destruction or casualties comparable to a kinetic attack (e.g., disabling a power grid leading to hospital deaths) might clearly meet the threshold of an armed attack. However, a cyberattack that disrupts financial markets or causes widespread data loss, while damaging, may not directly equate to an ‘armed attack’ under traditional interpretations. This ambiguity is precisely what allows actors to operate in the ‘grey zone’ of persistent engagement, conducting operations that inflict harm without necessarily triggering a conventional military response.
To navigate this complexity, the ‘Tallinn Manual on the International Law Applicable to Cyber Warfare’ (and its successor, ‘Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations’) represents a landmark effort by an international group of experts. While not legally binding, it offers authoritative guidance on how existing international law, including the laws of armed conflict, applies to cyberspace. The Manual posits that a cyber operation would constitute an ‘armed attack’ if it causes death, injury, or significant destruction. It also distinguishes between ‘cyber warfare’ (cyber operations during armed conflict) and ‘cyber operations’ more broadly (which can occur in peacetime, potentially violating state sovereignty or amounting to prohibited intervention). This distinction is crucial, as many state-sponsored cyber activities, such as espionage or influence operations, fall outside the strict definition of ‘warfare’ but are nonetheless significant components of international competition and confrontation. Thus, cyberwarfare represents a significant shift in modern conflict, where traditional military capabilities are supplemented or in some cases even supplanted by highly sophisticated cyber tools, underscoring the imperative for nations to protect their digital frontiers and develop robust response mechanisms.
3. Historical Context
The conceptualization and practical application of cyberwarfare have evolved in lockstep with the rapid advancements in information and communication technologies. While the term ‘cyberwarfare’ gained prominence in the late 20th and early 21st centuries, its intellectual roots can be traced to earlier strategic thinking concerning information control and disruption.
During the Cold War, both the United States and the Soviet Union explored concepts related to ‘information warfare,’ recognizing the strategic advantage of controlling communication channels, disrupting enemy command and control systems, and influencing perceptions. Early endeavors involved electronic warfare (EW) – jamming radar, disrupting radio communications – which can be seen as a precursor to modern cyber operations targeting the electromagnetic spectrum. As computer networks became more prevalent in military and governmental operations in the 1970s and 1980s, the potential for using these networks as both targets and weapons began to be theorized.
A significant early acknowledgement of the strategic potential of cyber operations came in 1992, when the People’s Liberation Army (PLA) of China formally recognized the emergent capabilities of ‘computer virus weapons’ and the potential for ‘information warfare,’ particularly highlighting the United States’ perceived lead in this domain (en.wikipedia.org). This recognition marked a pivotal moment, signaling a global awareness among major powers of the transformative role cyber capabilities would play in future military strategy. By the mid-1990s, the U.S. Department of Defense was already conducting exercises like ‘Eligible Receiver’ (1997) to test vulnerabilities in its own networks against simulated cyberattacks, revealing alarming levels of susceptibility.
The early 2000s witnessed a surge in state-sponsored cyber espionage, with numerous reports of advanced persistent threat (APT) groups, often linked to China, systematically targeting government, defense, and corporate networks in the West. Incidents like ‘Moonlight Maze’ (a series of attacks against U.S. government systems in the late 1990s) and ‘Titan Rain’ (a series of coordinated attacks on U.S. defense contractors in the early 2000s) underscored the persistent and sophisticated nature of these nascent cyber campaigns. These were largely focused on intelligence gathering rather than outright destruction, laying the groundwork for more aggressive tactics.
However, the perceived ‘first cyberwar’ is often attributed to the 2007 cyberattacks against Estonia. Following a dispute with Russia over the relocation of a Soviet-era war memorial, Estonia experienced a wave of crippling distributed denial-of-service (DDoS) attacks that severely impacted government websites, banks, news organizations, and telecommunications. While definitive state attribution was difficult, many Western governments and analysts strongly suspected Russian involvement. This incident served as a stark demonstration of how cyber operations could disrupt an entire nation, even without physical destruction.
The 2008 Russo-Georgian War further illuminated the integrated nature of cyber and kinetic conflict. Coordinated cyberattacks preceded and accompanied Russian military action, targeting Georgian government and media websites. This demonstrated the synergistic potential of combining traditional military force with cyber operations, using the latter to sow confusion, disrupt communications, and shape the information environment during a conventional armed conflict.
The landmark event that unequivocally demonstrated the destructive potential of a cyber weapon was the Stuxnet worm, discovered in 2010. This highly sophisticated malware specifically targeted Siemens PLCs in industrial control systems (ICS) and was designed to sabotage Iran’s uranium enrichment centrifuges at its Natanz facility. Attributed by many to a joint U.S.-Israeli operation, Stuxnet proved that a digital weapon could cause tangible, physical damage to critical infrastructure, transcending the realm of information disruption and marking a new era in offensive cyber capabilities (en.wikipedia.org). The evolution from theoretical concepts to documented, impactful incidents highlights the rapid maturation of cyber capabilities as a central instrument of state power and conflict.
4. Key State Actors
The landscape of cyberwarfare is dominated by a select group of nation-states that have invested heavily in developing sophisticated offensive and defensive cyber capabilities. These states leverage their technological prowess and vast resources to project power, gather intelligence, and shape geopolitical outcomes in the digital realm.
4.1 United States
The United States has consistently been at the vanguard of cyberwarfare capabilities and doctrine development, driven by its extensive technological infrastructure and its status as a global military and economic power. The U.S. government recognizes cyberspace as a critical domain of conflict, on par with land, sea, air, and space.
The cornerstone of U.S. cyber defense and offense is the United States Cyber Command (USCYBERCOM), established in 2010. Initially operating under U.S. Strategic Command, USCYBERCOM achieved full unified command status in 2018, underscoring the strategic importance of cyberspace in national defense. Its mission is multifaceted: to defend the nation against cyber threats, protect Department of Defense information networks, and conduct offensive cyber operations when necessary to deter adversaries and achieve national objectives (en.wikipedia.org). USCYBERCOM comprises various component commands from across the military services, including Army Cyber Command, Fleet Cyber Command (Navy), 24th Air Force (now 16th Air Force, Air Force Cyber), and Marine Corps Forces Cyberspace Command. These components develop, train, and deploy Cyber Mission Forces (CMF) teams, which are organized into National Mission Teams (NMTs) for national defense, Combat Mission Teams (CMTs) to support combatant commanders, and Cyber Protection Teams (CPTs) for defensive operations.
U.S. cyber doctrine has evolved from concepts of ‘active defense’ to ‘persistent engagement’ and ‘defend forward.’ Persistent engagement, articulated by former USCYBERCOM Commander General Paul Nakasone, involves continually operating in cyberspace to contest and disrupt malicious adversary activity at its source, rather than waiting for attacks to materialize on U.S. networks. The ‘defend forward’ strategy aims to confront threats closer to their origin, often in adversary networks, to gain insight, impose costs, and prevent attacks before they can reach U.S. targets. These doctrines reflect a proactive, rather than reactive, approach to cyber defense, seeking to establish a continuous presence in adversary operating environments to deter and degrade their capabilities. While the U.S. government rarely confirms specific offensive operations, it is widely believed to have played a significant role in developing and deploying sophisticated cyber weapons, most notably with the Stuxnet operation. The U.S. has also publicly attributed numerous cyberattacks to other state actors, such as Russia (e.g., SolarWinds hack) and China (e.g., OPM data breach), and has responded with sanctions and diplomatic pressure, often alongside covert cyber responses.
4.2 Russia
Russia is widely regarded as one of the most capable and aggressive actors in cyberspace, with a sophisticated cyberwarfare strategy deeply integrated into its broader ‘information confrontation’ doctrine. This doctrine emphasizes using information and communication technologies to achieve strategic objectives, often blurring the lines between military, intelligence, and political influence operations. Russian intelligence agencies, primarily the Main Intelligence Directorate (GRU), the Federal Security Service (FSB), and the Foreign Intelligence Service (SVR), oversee numerous state-sponsored hacker collectives. These groups, often referred to as Advanced Persistent Threats (APTs), have systematically targeted governments, critical infrastructure, electoral processes, and civil society organizations across Europe, North America, and Asia (en.wikipedia.org).
APT28 (Fancy Bear/Strontium/Pawn Storm/Sofacy), widely attributed to the GRU, has been responsible for high-profile political hacks and disinformation campaigns. Notable incidents include the 2016 Democratic National Committee (DNC) email hack and subsequent leaks, which aimed to influence the U.S. presidential election. APT28 is known for spear-phishing campaigns, zero-day exploits, and targeting political organizations, defense contractors, and media entities. Its operations often precede or accompany conventional military or geopolitical maneuvers.
APT29 (Cozy Bear/The Dukes/Nobelium), linked to the FSB and SVR, tends to focus on long-term espionage, targeting government agencies, think tanks, and diplomatic entities for intelligence gathering. This group was implicated in the extensive SolarWinds supply chain attack discovered in late 2020, which compromised multiple U.S. government agencies and private companies by inserting malicious code into software updates. This operation demonstrated a high level of sophistication, patience, and strategic targeting, aiming for persistent access and intelligence exfiltration rather than immediate disruption.
Beyond espionage and political interference, Russia has demonstrated a willingness to use cyberattacks for destructive purposes, particularly against Ukraine. The 2015 and 2016 attacks on Ukraine’s power grid, attributed to the GRU (specifically its Sandworm unit), caused widespread blackouts, marking the first confirmed cyberattacks to cause power outages. The NotPetya ransomware attack in 2017, initially targeting Ukraine, rapidly spread globally, causing billions of dollars in damage to businesses worldwide. While disguised as ransomware, its destructive capabilities and limited recovery options led many cybersecurity experts and Western governments to conclude it was a state-sponsored ‘wiper’ attack by Russia, intended to cripple Ukrainian infrastructure. Russia’s cyber strategy is characterized by its boldness, willingness to take risks, and its integration of cyber operations into broader hybrid warfare tactics, making it a formidable cyber adversary.
4.3 China
China possesses extensive and continually expanding cyberwarfare capabilities, which are integral to its national security strategy and economic development goals. The Chinese government views cyberspace as a critical domain for both offensive and defensive operations, emphasizing ‘integrated network electronic warfare’ within the People’s Liberation Army (PLA). China’s cyber strategy prioritizes intelligence gathering, intellectual property theft, and the development of capabilities to disrupt adversary critical infrastructure in a potential conflict scenario (en.wikipedia.org).
The PLA plays a central role in China’s cyber operations. Reports indicate that various units, such as the former Unit 61398 (part of the PLA’s 2nd Bureau of the General Staff Department, now likely restructured under the Strategic Support Force), have been actively engaged in cyber espionage campaigns for over a decade. These operations typically target foreign governments, defense contractors, high-tech companies, and academic institutions to steal classified military technology, industrial secrets, intellectual property, and sensitive personal data. The goal is to accelerate China’s military modernization, enhance its economic competitiveness, and gain strategic advantages. One prominent example is the Operation Aurora attacks in 2009-2010, targeting Google and other major tech companies, reportedly to steal intellectual property and access human rights activists’ accounts.
China’s approach to cyber warfare is often characterized by its scale, persistence, and long-term strategic outlook. Unlike Russia’s more overt and disruptive attacks, Chinese state-sponsored groups frequently focus on quiet, persistent infiltration to exfiltrate vast quantities of data over extended periods. This ‘big data’ approach aims to build a comprehensive understanding of target nations’ capabilities, vulnerabilities, and strategic intentions. The 2015 Office of Personnel Management (OPM) data breach in the U.S., attributed to Chinese state-sponsored actors, resulted in the theft of sensitive personal information of millions of current and former federal employees, demonstrating the sheer volume and strategic value of data targeted.
Beyond espionage, China is also developing significant offensive capabilities for potential conflict scenarios. Its doctrine emphasizes disabling enemy command and control, logistics, and critical infrastructure to achieve ‘information dominance.’ The concept of ‘cyber sovereignty’ is also central to China’s approach, asserting the right of states to control their own cyber borders and information flows, often leading to strict internet censorship and surveillance domestically.
4.4 Other Significant State Actors
While the U.S., Russia, and China are often highlighted, several other nations have developed significant cyber capabilities and actively engage in cyber operations:
- Iran: Driven by geopolitical rivalries and perceived threats (especially after Stuxnet), Iran has rapidly developed its offensive cyber capabilities. Groups like APT33 (Shamoon, StoneDrill) have launched destructive attacks against energy companies and financial institutions, particularly in Saudi Arabia and the Gulf region. Iran also engages in sophisticated espionage and propaganda operations, often targeting dissent within its borders and influencing regional narratives. Its cyber activities are frequently seen as a means of asymmetric warfare against more technologically advanced adversaries.
- North Korea: Facing severe international sanctions, North Korea leverages cyber operations not only for espionage but also for illicit financial gain and disruption. Groups like Lazarus Group (APT38) have been implicated in high-profile attacks such as the 2014 hack of Sony Pictures Entertainment (retaliation for ‘The Interview’ film), the 2016 Bangladesh Bank heist (attempting to steal nearly $1 billion via the SWIFT banking system), and the global WannaCry ransomware attack in 2017. These operations demonstrate a focus on financially motivated cybercrime to fund state activities, alongside destructive attacks for geopolitical objectives (threatintelligencelab.com).
- Israel: As a nation often operating in a highly contested geopolitical environment, Israel possesses advanced cyber capabilities, both defensive and offensive. Its Unit 8200, analogous to the U.S. NSA, is renowned for its intelligence gathering and technological innovation. While rarely officially confirmed, Israel is widely believed to have partnered with the U.S. in the Stuxnet operation. Its cyber operations are often focused on regional security threats, counter-terrorism, and protecting its critical infrastructure, alongside strategic intelligence gathering.
These actors, along with others like the UK, Germany, France, and numerous emerging cyber powers, contribute to an increasingly complex and crowded cyber landscape, where state-sponsored activities are a constant feature of international competition.
5. Non-State Actors
The realm of cyberwarfare is not exclusively the domain of nation-states. A diverse array of non-state actors has increasingly entered the digital fray, utilizing cyber tools to advance their agendas, disrupt services, and challenge state authority. These entities leverage the anonymity, global reach, and low barriers to entry provided by cyberspace to execute operations with significant impact, often blurring the lines between activism, crime, and politically motivated aggression.
5.1 Terrorist Groups
While traditional terrorist organizations have not yet demonstrated the capability to conduct strategic, nation-state-level cyberattacks that cause widespread physical destruction, their use of cyberspace for other purposes is extensive and evolving. They primarily utilize digital platforms for:
- Propaganda and Radicalization: Social media, encrypted messaging apps, and dark web forums are exploited to disseminate extremist ideologies, produce sophisticated recruitment videos, and indoctrinate new members. This psychological warfare aims to spread fear, inspire lone wolves, and erode public trust in governance.
- Fundraising: Terrorist groups engage in various forms of online fundraising, from soliciting direct donations (often through cryptocurrency to bypass financial regulations) to engaging in cybercrime like online fraud or ransomware for financial gain.
- Communication and Coordination: Encrypted communication channels are vital for operational security, allowing members to coordinate attacks, share intelligence, and avoid detection by law enforcement agencies. The dark web also provides a haven for these activities.
- Intelligence Gathering: While less sophisticated than state-sponsored espionage, some groups attempt open-source intelligence gathering (OSINT) on potential targets, critical infrastructure vulnerabilities, or security forces.
- Low-Level Disruptive Attacks: Primarily involving website defacements, DDoS attacks, or minor breaches of non-critical systems, often for symbolic effect or to demonstrate capabilities, rather than causing significant damage. However, the potential for these groups to acquire or develop more potent cyber weapons through illicit markets or by recruiting skilled individuals remains a concern.
5.2 Hacktivist Collectives
Hacktivists are groups or individuals who use hacking techniques to promote a political or social cause. Their motivations are typically ideological, aiming to expose perceived injustices, protest policies, or support specific movements. Their tactics often include:
- Distributed Denial-of-Service (DDoS) Attacks: Overwhelming target websites or services to render them inaccessible, thereby disrupting operations and drawing attention to their cause. Famous targets include government websites, corporate entities, and financial institutions.
- Website Defacements: Altering the visual appearance of a website to display political messages, propaganda, or symbols. This is often done for symbolic impact and to embarrass the target.
- Data Leaks (‘Doxing’): Unauthorized access to internal networks to steal and publicly release sensitive documents, emails, or personal information. This aims to expose corruption, unethical practices, or secret government activities. WikiLeaks, while not strictly a hacktivist group, has facilitated the dissemination of such leaked data, often sourced from hacktivists or whistleblowers.
Anonymous, a decentralized international collective, is perhaps the most well-known hacktivist group. They have launched numerous campaigns against governments, corporations, and religious organizations, often in response to perceived censorship, corruption, or human rights abuses. Their operations, such as ‘Operation Payback’ against companies opposing WikiLeaks, demonstrate the potential for loosely organized groups to exert significant pressure.
5.3 Cybercriminal Organizations (State-Sponsored/Tolerated)
The line between pure cybercrime and state-sponsored activity is increasingly blurred. Some cybercriminal organizations, while primarily motivated by financial gain, operate with tacit or explicit state backing, or are tolerated by states that benefit from their activities. In these cases, their operations can become instruments of state power, effectively functioning as non-state actors in cyberwarfare.
- State-Tolerated Ransomware Groups: Certain countries are known to harbor or turn a blind eye to ransomware groups that predominantly target foreign entities. While these groups may be financially driven, their activities contribute to economic disruption in adversary states and can be leveraged by the host nation for intelligence or strategic advantage. The NotPetya attack (discussed under Russia), though disguised as ransomware, is a prime example of a destructive state-sponsored operation masquerading as criminal activity.
- Financial Espionage and Theft: Some criminal groups, particularly those linked to North Korea, are tasked with conducting large-scale financial theft (e.g., bank heists via the SWIFT network) to generate revenue for the state, bypassing sanctions. This blurs the distinction between criminal and state-level economic warfare.
- Proxy Warfare: States can outsource cyber operations to criminal groups or private contractors, providing deniability while achieving strategic goals. This allows states to probe defenses, test new tactics, or inflict damage without direct attribution.
5.4 Private Military Companies and Contractors
The rise of private military and security companies (PMSCs) with cyber capabilities further complicates the landscape. These entities offer offensive and defensive cyber services to governments, intelligence agencies, and corporations. While legally distinct from state actors, their close operational ties and the nature of their work often position them as proxies in cyber conflicts. Companies like the NSO Group (developer of Pegasus spyware) have drawn international scrutiny for selling sophisticated surveillance tools to governments, which have then been allegedly used for illicit purposes, including targeting journalists and human rights activists. The proliferation of such tools to various state and non-state clients expands the reach and sophistication of cyber operations globally, making attribution and accountability even more challenging.
The diverse motivations and increasing sophistication of non-state actors necessitate a comprehensive approach to cybersecurity that extends beyond traditional state-centric defense strategies. Their activities contribute significantly to the overall volume of cyber threats and complicate efforts to establish norms of behavior in cyberspace.
6. Common Tactics in Cyberwarfare
Cyberwarfare employs a sophisticated and continually evolving array of tactics, each designed to achieve specific strategic objectives ranging from clandestine intelligence gathering to widespread destruction and influence. These tactics often overlap and are frequently combined to maximize impact and achieve complex operational goals.
6.1 Espionage
Cyber espionage, often the most pervasive and persistent form of state-sponsored cyber activity, involves unauthorized access to information systems to steal sensitive data. This tactic is employed by both state and state-sponsored non-state actors to gain intelligence, economic advantage, or strategic insights. The primary goals are to acquire classified documents, intellectual property, military secrets, economic data, and personal information of strategic value.
- Advanced Persistent Threats (APTs): State-sponsored espionage groups are typically categorized as APTs due to their highly sophisticated, stealthy, and long-term nature. They meticulously plan their attacks, often developing custom malware and utilizing zero-day exploits (vulnerabilities unknown to software vendors) to gain initial access. Once inside a network, they establish persistent access, move laterally, and slowly exfiltrate data, often remaining undetected for months or even years.
- Tactics and Techniques: Common techniques include spear phishing (highly targeted phishing emails), watering hole attacks (compromising websites frequented by targets), supply chain attacks (inserting malware into legitimate software or hardware), and exploitation of unpatched vulnerabilities in public-facing systems. They often deploy custom backdoors and rootkits to maintain covert access and evade detection by standard security tools.
- High-Profile Incidents: Beyond the broader context of Chinese industrial espionage (e.g., OPM hack), the Stuxnet attack on Iran’s nuclear facilities in 2010, while primarily a sabotage operation, also involved extensive cyber espionage. Before causing physical damage, Stuxnet likely gathered intelligence on the specific configuration and operational parameters of the Natanz uranium enrichment centrifuges, which was critical for its precision targeting (en.wikipedia.org). Similarly, numerous campaigns by Russian APTs (e.g., APT29) have focused on long-term intelligence gathering from government networks and diplomatic targets.
6.2 Sabotage
Cyber sabotage aims to disrupt, degrade, or destroy critical infrastructure and essential services, often with devastating effects on national security, public safety, and economic stability. These attacks go beyond data theft to inflict tangible harm in the physical world.
- Critical Infrastructure Targeting: Common targets include energy grids (power plants, transmission systems), transportation networks (air traffic control, railways), water treatment facilities, financial systems, and communication networks. The disruption of these systems can lead to widespread outages, economic paralysis, and even loss of life.
- Types of Malware: Destructive malware, such as wipers (e.g., Shamoon, NotPetya), is designed to erase data on compromised systems, rendering them inoperable. Logic bombs, often inserted during an espionage phase, can lie dormant and trigger destruction at a pre-determined time or upon a specific condition. Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems, which manage operational technology in critical infrastructure, are prime targets due to their often-outdated security and direct link to physical processes.
- Key Examples: The 2015 and 2016 attacks on Ukraine’s power grid, attributed to Russia’s Sandworm group, represent the first confirmed instances of cyberattacks causing power outages, demonstrating the direct impact of cyber sabotage on civilian life. The NotPetya attack in 2017, while appearing to be ransomware, was effectively a wiper designed to cause maximum destruction to Ukrainian organizations; it then spread globally, causing billions in collateral damage. The WannaCry ransomware attack in 2017, widely attributed to North Korea, exemplified the potential scale of cyber sabotage, affecting hundreds of thousands of computers globally, including critical systems in the UK’s National Health Service (threatintelligencelab.com). Its rapid spread and disruptive nature showcased the vulnerability of interconnected systems to weaponized malware.
6.3 Propaganda and Influence Operations (Information Warfare)
Cyber propaganda and influence operations utilize digital platforms to manipulate public opinion, disseminate misinformation, sow discord, and undermine trust in institutions. This form of psychological warfare can have profound effects on democratic processes and societal cohesion.
- Tactics: These operations employ a variety of techniques, including creating and promoting fake news websites, weaponizing social media (e.g., using botnets, troll farms, fake accounts to amplify specific narratives), deepfakes (AI-generated synthetic media that realistically portray individuals saying or doing things they never did), and selective leaks of sensitive information. The goal is to shape perceptions, generate polarization, and influence behaviors in target populations.
- Cognitive Warfare: This advanced form of influence operation aims to attack the cognitive processes of individuals and groups, influencing their beliefs, attitudes, and decision-making. It seeks to weaponize information itself, blurring the lines between truth and falsehood.
- Examples: Russian interference in the 2016 U.S. presidential election through social media manipulation, advertising campaigns, and the dissemination of hacked emails is a prominent example. China also employs extensive cyber propaganda to control narratives domestically and project its views internationally, often targeting diasporic communities or critics of its policies.
6.4 Denial-of-Service (DoS/DDoS) Attacks
Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks aim to make a computer network, service, or website unavailable to users by overwhelming it with a flood of traffic or requests. While often less sophisticated than other tactics, DDoS attacks can be highly disruptive and are frequently used for political protest, distraction, or as a cover for other malicious activities.
- Mechanisms: DoS attacks typically originate from a single source, while DDoS attacks leverage multiple compromised computers (a ‘botnet’) to generate a massive, distributed assault, making them harder to mitigate. Common techniques include SYN floods, UDP floods, and HTTP floods, which exploit vulnerabilities in network protocols or application layers.
- Goals: Disruption of essential services (e.g., banking, government portals), censorship, distraction of security personnel while other attacks are underway, or simply to make a political statement. The 2007 cyberattacks against Estonia were a seminal example of a nation-state-level DDoS campaign that crippled national infrastructure for days.
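The single-source versus distributed distinction drawn above, as an added detection example (not part of the original report): it counts half-open TCP handshakes per service over constructed log lines and labels each service normal, DoS or DDoS. The log format, thresholds and addresses are assumptions made for this example.

```python
import re
from collections import Counter

# Constructed log format (an assumption for this example, not a real product's):
#   <epoch> SRC=<ip> SPT=<port> DST=<ip> DPT=<port> FLAGS=<SYN|ACK>
# SYN is the client's opening segment; ACK is the client's final handshake
# segment, after which the connection is no longer half-open.
LINE_RE = re.compile(
    r"^(?P<ts>\d+) SRC=(?P<src>\S+) SPT=(?P<spt>\d+) "
    r"DST=(?P<dst>\S+) DPT=(?P<dpt>\d+) FLAGS=(?P<flags>SYN|ACK)$"
)

WINDOW_SECONDS = 60        # only events this close to the newest one count
HALF_OPEN_THRESHOLD = 100  # half-open connections per service before alerting
SINGLE_SOURCE_SHARE = 0.8  # share held by one source that marks a single origin


def parse(lines):
    """Yield (ts, src, spt, dst, dpt, flags); malformed lines are skipped."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            yield (int(m["ts"]), m["src"], int(m["spt"]),
                   m["dst"], int(m["dpt"]), m["flags"])


def classify(lines):
    """Return {(dst, dport): {verdict, half_open, sources, top_source}}."""
    # Stable sort on the timestamp only, so a SYN and ACK logged in the same
    # second keep their original order.
    events = sorted(parse(lines), key=lambda e: e[0])
    if not events:
        return {}
    cutoff = events[-1][0] - WINDOW_SECONDS
    pending = set()   # 4-tuples with a SYN but no completing ACK
    services = set()  # every (dst, dport) seen inside the window
    for ts, src, spt, dst, dpt, flags in events:
        if ts < cutoff:
            continue
        services.add((dst, dpt))
        conn = (src, spt, dst, dpt)
        if flags == "SYN":
            pending.add(conn)      # a retransmitted SYN is counted once
        else:
            pending.discard(conn)  # handshake completed
    report = {}
    for service in services:
        per_src = Counter(c[0] for c in pending if (c[2], c[3]) == service)
        total = sum(per_src.values())
        top_src, top_count = per_src.most_common(1)[0] if per_src else (None, 0)
        if total < HALF_OPEN_THRESHOLD:
            verdict = "normal"
        elif top_count / total >= SINGLE_SOURCE_SHARE:
            verdict = "dos"   # one origin: a per-source block or rate limit helps
        else:
            # Many origins: per-source blocking does not scale; SYN cookies or
            # upstream filtering are the usual answers. Source addresses can be
            # forged, so this says what filtering can do, not who is sending.
            verdict = "ddos"
        report[service] = {"verdict": verdict, "half_open": total,
                           "sources": len(per_src), "top_source": top_src}
    return report


def constructed_sample():
    """Constructed log lines using documentation-only address ranges."""
    fmt = "{} SRC={} SPT={} DST={} DPT={} FLAGS={}"
    t = 1_700_000_000
    lines = ["this line is malformed and must be ignored"]
    # Stale half-open entries from an hour earlier: outside the window.
    for i in range(150):
        lines.append(fmt.format(t - 3600, "192.0.2.100", 30000 + i,
                                "203.0.113.10", 443, "SYN"))
    # Service A: 40 clients complete the handshake, 3 never answer.
    for i in range(40):
        for flags in ("SYN", "ACK"):
            lines.append(fmt.format(t + i, f"192.0.2.{i + 1}", 40000 + i,
                                    "203.0.113.10", 443, flags))
    for i in range(3):
        lines.append(fmt.format(t + i, f"192.0.2.{200 + i}", 50000,
                                "203.0.113.10", 443, "SYN"))
    # Service B: one host opens 300 connections and completes none.
    for i in range(300):
        lines.append(fmt.format(t + i % 50, "192.0.2.250", 10000 + i,
                                "203.0.113.20", 80, "SYN"))
    # Service C: 250 hosts each leave two connections half-open.
    for i in range(250):
        for spt in (20000, 20001):
            lines.append(fmt.format(t + i % 50, f"198.51.100.{i + 1}", spt,
                                    "203.0.113.30", 443, "SYN"))
    return lines


if __name__ == "__main__":
    for service, info in sorted(classify(constructed_sample()).items()):
        print(service, info)
```
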
6.5 Supply Chain Attacks
Supply chain attacks represent a highly sophisticated and increasingly prevalent form of cyberwarfare. They involve compromising a trusted third-party vendor or software update mechanism to gain access to numerous ultimate targets. By injecting malicious code into legitimate software, hardware, or services, attackers can bypass traditional security defenses that assume trust in the supply chain.
- Mechanism: Attackers compromise a software vendor, hardware manufacturer, or a managed service provider (MSP). They then insert malware into a product or service that is widely distributed to the ultimate targets. When the targets update the software or deploy the hardware, they inadvertently install the malicious payload.
- Impact: This approach allows a single point of compromise to infect a vast number of victims, including high-value government agencies and critical infrastructure operators, providing a highly efficient means of widespread infiltration or sabotage.
- Key Example: The SolarWinds supply chain attack discovered in late 2020, attributed to Russia’s APT29, is a canonical example. Attackers injected malicious code into an update for SolarWinds’ Orion network management software, which was then downloaded by thousands of organizations globally, including multiple U.S. federal agencies, leading to widespread espionage and potential sabotage capabilities.
6.6 Cyber-Physical Attacks
These attacks specifically target industrial control systems (ICS) and operational technology (OT) that manage physical processes, such as those found in critical infrastructure. Unlike traditional IT attacks that focus on data, cyber-physical attacks aim to manipulate or damage physical equipment.
- Distinction: While many cyberattacks affect IT systems, cyber-physical attacks cross the boundary into the physical world, manipulating machinery, causing explosions, altering chemical processes, or disrupting physical flows.
- Stuxnet remains the most famous example, demonstrating how malware could specifically target Siemens PLCs controlling centrifuges to physically damage them without relying on an external explosive force.
- Other examples include the Ukraine power grid attacks, where malware directly manipulated grid controls to trip circuit breakers and cause blackouts.
6.7 Economic Warfare
Economic cyberwarfare leverages digital tools to inflict financial harm, disrupt markets, steal intellectual property, or gain an unfair economic advantage. This can have far-reaching implications for a nation’s prosperity and global competitiveness.
- Tactics: This includes large-scale intellectual property theft (e.g., China’s extensive campaigns), disruption of financial systems, manipulation of stock markets through false information or direct interference, and attacks on specific industries to undermine their competitiveness.
- Impact: Such attacks can lead to significant financial losses, loss of competitive edge, job losses, and erosion of investor confidence. North Korea’s bank heists, while criminal in nature, also serve a state-level economic warfare purpose by generating funds to circumvent sanctions.
The diverse and evolving nature of these tactics necessitates sophisticated multi-layered defenses and a deep understanding of adversary capabilities and intentions.
7. Impact on National Security and International Relations
Cyberwarfare exerts a profound and complex influence on both national security and the delicate balance of international relations. Its inherent characteristics, such as the potential for widespread disruption, difficulty of attribution, and blurred thresholds of conflict, present unique challenges that traditional military and diplomatic frameworks struggle to address.
7.1 Impact on National Security
For individual nation-states, cyberwarfare poses a direct and existential threat to national security, extending far beyond the conventional battlefield:
- Destabilization of Critical Infrastructure: The most immediate and severe impact is the potential to cripple vital services. Attacks on power grids, water treatment plants, transportation networks, hospitals, and communication systems can lead to widespread societal chaos, economic paralysis, and even loss of life. A prolonged blackout, for instance, could bring essential services to a standstill, disrupt emergency response, and cause significant economic damage.
- Erosion of Public Trust: Successful cyberattacks against government agencies, electoral systems, or public services can severely undermine public confidence in the state’s ability to protect its citizens and maintain order. Information warfare and propaganda campaigns further exacerbate this by sowing discord and manipulating public opinion, which can destabilize a nation from within.
- Damage to Military Readiness and Intelligence: Cyberattacks targeting defense networks can compromise sensitive military plans, intelligence assets, and communication systems. Espionage can reveal troop movements, weapon system specifications, and strategic doctrines, granting adversaries a significant advantage in a potential conflict. Destructive attacks could disable command and control systems or critical military infrastructure, impairing a nation’s ability to respond to threats.
- Economic Costs: The financial burden of cyberattacks is immense. This includes direct costs from system repairs, incident response, legal fees, and regulatory fines, as well as indirect costs from lost productivity, intellectual property theft, and reputational damage. Entire industries can be targeted, leading to significant economic downturns and job losses.
- Grey Zone Conflict and Escalation Risks: Many cyber operations exist in a ‘grey zone’ below the threshold of conventional armed conflict, allowing adversaries to inflict harm without triggering a military response. However, miscalculation or unintended escalation of a cyber incident could rapidly spiral into a broader military confrontation, making risk management and de-escalation strategies critically important.
- Supply Chain Vulnerabilities: Modern nations are heavily reliant on global supply chains for technology. Compromises in these chains (e.g., hardware backdoors, software vulnerabilities) can grant adversaries pervasive and persistent access to government and corporate networks, creating systemic weaknesses that are incredibly difficult to detect and eradicate.
7.2 Impact on International Relations
Cyberwarfare profoundly complicates the dynamics of international relations, introducing new vectors of tension, conflict, and cooperation:
- The Attribution Problem: One of the most significant challenges is accurately attributing cyberattacks to their perpetrators. The technical obfuscation techniques employed by sophisticated actors, combined with the ability to route attacks through multiple jurisdictions, make definitive attribution difficult. This ‘attribution problem’ complicates diplomatic responses, as nations are hesitant to accuse another state without irrefutable evidence, fearing retaliatory measures or diplomatic fallout. It also provides deniability for aggressors, fostering a climate of impunity.
- Escalation Ladders: Unlike conventional warfare with clear declarations of war, cyber incidents can range from minor harassment to acts that might be considered an ‘armed attack.’ Determining what constitutes an appropriate response, and how to avoid inadvertent escalation, is a constant dilemma. A perceived disproportionate response to a cyberattack could trigger a more severe cyber or even kinetic retaliation, leading to an uncontrolled escalation cycle.
- Diplomatic Fallout and Sanctions: Even without direct military conflict, cyber incidents can lead to severe diplomatic tensions. Accusations of cyberattacks often result in diplomatic expulsions, economic sanctions, and strained bilateral relations (e.g., U.S. sanctions against Russia following election interference and the SolarWinds hack). These measures aim to impose costs and deter future aggression, but their effectiveness in cyberspace is still debated.
- Cyber Arms Race: The increasing prevalence and sophistication of cyberattacks have spurred an international cyber arms race. Nations are investing heavily in developing both offensive cyber weapons and defensive capabilities. This creates a security dilemma: as one nation strengthens its cyber arsenal, others feel compelled to do the same, potentially leading to greater instability and a higher risk of conflict in cyberspace.
- Deterrence Challenges: Traditional concepts of deterrence, based on the threat of overwhelming military force, are difficult to apply to cyberspace. The anonymity of attacks, the difficulty of assessing capabilities, and the potential for non-state actors to act as proxies complicate the calculus of deterrence. Establishing credible cyber deterrence requires a combination of robust defenses, clear red lines, the capability to attribute and retaliate, and the political will to do so.
- Alliance Building and Collective Defense: Cyber threats have also spurred greater international cooperation. Alliances like NATO have recognized cyberspace as an operational domain, and an attack in cyberspace could trigger Article 5 (collective self-defense). Multilateral efforts to develop international norms of behavior in cyberspace are ongoing, albeit slow and fraught with disagreements, particularly between democratic nations advocating for an open internet and authoritarian regimes pushing for ‘cyber sovereignty.’ Information sharing, joint exercises, and capacity building are crucial aspects of collective cyber defense.
In essence, cyberwarfare introduces an era of ‘permanent pre-hostility’ where states are constantly engaged in a silent, pervasive struggle in cyberspace. This state of persistent engagement demands continuous adaptation of national security strategies and a complex re-evaluation of the rules governing international conduct in the digital age.
8. Ethical and Legal Challenges
The integration of cyber operations into modern conflict has exposed significant gaps and ambiguities in the existing international legal and ethical frameworks, prompting intense debate among legal scholars, policymakers, and military strategists. The intangible nature of cyberspace, the difficulty of attribution, and the potential for widespread collateral damage challenge traditional interpretations of the laws of armed conflict (LOAC) and jus ad bellum/jus in bello principles.
8.1 Jus ad Bellum (The Right to Go to War)
- Defining an ‘Armed Attack’: Under the UN Charter, a state may only resort to self-defense if it experiences an ‘armed attack’ (Article 51). The critical legal and ethical question is: when does a cyberattack constitute an ‘armed attack’ equivalent to a kinetic strike? If a cyberattack on a power grid leads to deaths in hospitals due to power loss, it could be argued to meet this threshold. However, an attack that causes significant economic damage or disrupts government services without physical destruction is harder to classify. The Tallinn Manual 2.0 suggests that a cyber operation that ‘causes injury or death to persons or damage to objects’ may qualify as an ‘armed attack,’ but this leaves substantial grey areas for lesser forms of harm. The lack of an internationally agreed threshold for what constitutes an ‘armed attack’ in cyberspace complicates a state’s right to self-defense and introduces uncertainty regarding legitimate responses.
- Attribution and Proof: For a state to invoke self-defense, it must be able to attribute the attack to another state. As discussed, the technical and political complexities of cyber attribution are immense. Ethically, acting on uncertain attribution risks retaliating against the wrong party, potentially escalating conflict. Legally, the standard of proof required for attribution in the context of self-defense is a subject of ongoing debate, typically higher than for other forms of international condemnation.
- Sovereignty Violations and Intervention: Even if a cyber operation does not reach the level of an armed attack, it can still violate a state’s sovereignty, which prohibits foreign states from conducting operations on another’s territory without consent. Peacetime cyber espionage, for example, is technically a violation of sovereignty, yet it is a widely practiced activity. The Tallinn Manual 2.0 affirms that ‘a State is prohibited from exercising its sovereign authority on the territory of another State,’ which applies to cyberspace. Furthermore, ‘intervention’ in the domestic or foreign affairs of another state, even if not involving force, is prohibited. Cyber interference in elections, for instance, could be deemed prohibited intervention.
8.2 Jus in Bello (The Conduct of War)
Once an armed conflict, including a cyberwarfare component, is underway, the conduct of operations is governed by specific principles:
- Distinction: This principle requires parties to a conflict to distinguish between combatants and civilians, and between military objectives and civilian objects. Cyber operations must be designed and executed to target only military objectives. However, much of the digital infrastructure (e.g., internet backbone, cloud services) is ‘dual-use,’ serving both civilian and military purposes. Targeting a dual-use system that supports a military objective could have severe, unavoidable civilian consequences, raising ethical dilemmas.
- Proportionality: This principle prohibits attacks that are expected to cause incidental loss of civilian life, injury to civilians, or damage to civilian objects, which would be excessive in relation to the concrete and direct military advantage anticipated. In cyberspace, predicting collateral damage is incredibly difficult due to the interconnected nature of networks and the potential for malware to spread uncontrollably (e.g., NotPetya). An attack intended for a military target might cascade through interconnected systems, impacting civilian infrastructure globally, raising serious questions about proportionality.
- Necessity and Humanity: Attacks must be necessary to achieve a legitimate military objective, and methods and means of warfare that cause superfluous injury or unnecessary suffering are prohibited. The development and deployment of cyber weapons, especially those designed to be indiscriminate or cause widespread harm, raise ethical concerns regarding humanity.
- Neutrality: The laws of neutrality apply to cyberspace, meaning belligerent states must respect the cyber infrastructure and sovereignty of neutral states. However, attacks often traverse or inadvertently affect networks in neutral countries, complicating the application of this principle. Can a neutral state block cyber traffic from a belligerent state without violating neutrality?
8.3 Ethical Dilemmas and the Need for a Framework
Beyond strict legal interpretations, cyberwarfare presents a host of profound ethical dilemmas:
- Preemptive Cyber Strikes: Is it ethically justifiable to launch a preemptive cyberattack against an adversary’s capabilities if an imminent threat is perceived, even if it does not meet the legal threshold for an ‘armed attack’? The ‘defend forward’ strategy adopted by some nations pushes this ethical boundary.
- Weaponization of Vulnerabilities: Should governments stockpile zero-day vulnerabilities for offensive purposes, or should they disclose them to vendors to improve global cybersecurity? The ethical implications of retaining vulnerabilities that could be exploited by malicious actors are significant.
- Collateral Damage in Civilian Digital Infrastructure: How much incidental damage to civilian infrastructure is acceptable in a cyber operation? The interconnectedness of modern digital systems means that a precise surgical strike is often impossible, making the ethical calculus of harm incredibly complex.
- Role of Private Sector and Non-State Actors: What are the ethical responsibilities of private cybersecurity companies that discover vulnerabilities or are asked by states to develop offensive tools? How should the international community address the ethical implications of hacktivists or cybercriminals engaging in activities that align with state interests?
Developing a universally accepted framework for cyberwarfare remains an ongoing, arduous challenge. Efforts like the UN Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) have attempted to develop norms of responsible state behavior in cyberspace. However, significant disagreements persist, particularly concerning issues like sovereignty, self-defense, and the application of international humanitarian law. Without clearer international consensus, the digital realm will likely continue to be a zone of strategic competition with ambiguous rules, increasing the risk of miscalculation and escalation (threatintelligencelab.com).
9. Future Trends in Cyber Conflict
The future of cyberwarfare is intrinsically linked to the relentless pace of technological innovation and the evolving geopolitical landscape. As digital dependency deepens globally, the sophistication, frequency, and impact of cyber conflicts are projected to intensify, presenting continuous challenges for defense and international stability.
9.1 Technological Advancements Driving New Vulnerabilities and Capabilities
- Artificial Intelligence (AI) and Machine Learning (ML): AI and ML are set to revolutionize both offensive and defensive cyber capabilities. On the offensive side, AI can automate target identification, vulnerability discovery (e.g., autonomously generating zero-day exploits), and tailor social engineering attacks for maximum efficacy. AI-powered malware could adapt to defenses, learn from network environments, and operate autonomously. Conversely, AI and ML are crucial for enhancing cyber defenses, enabling faster threat detection, automated incident response, predictive analytics for threat intelligence, and more robust anomaly detection in vast datasets.
- Quantum Computing: While still nascent, quantum computing poses a long-term existential threat to current cryptographic standards. Once sufficiently mature, quantum computers could potentially break widely used encryption algorithms (e.g., RSA, ECC) within seconds, rendering much of today’s secure communication and data vulnerable. This necessitates a transition to ‘post-quantum cryptography’ (PQC), but the race to implement PQC securely will be a critical future challenge, potentially creating a window of extreme vulnerability.
- Internet of Things (IoT) and 5G Networks: The proliferation of billions of interconnected IoT devices (smart homes, industrial sensors, autonomous vehicles) and the expansion of high-speed 5G networks will vastly expand the attack surface. Many IoT devices have weak security, making them easy targets for botnets (e.g., Mirai botnet) that can launch massive DDoS attacks. 5G’s distributed architecture and reliance on software-defined networking also introduce new complexities and potential vulnerabilities, particularly for critical infrastructure that increasingly integrates IoT and 5G technologies.
- Space-Based Assets: As reliance on satellite communication, GPS, and space-based intelligence grows, space assets are becoming increasingly critical and vulnerable targets. Cyberattacks on ground control stations, satellite links, or even the satellites themselves could disrupt global navigation, communication, and military operations, opening a new frontier for cyber conflict.
- Deepfakes and Advanced Disinformation: The sophistication of AI-generated synthetic media, including deepfake videos and audio, will make it increasingly difficult for the public to discern authentic information from fabricated content. This will supercharge influence operations, enabling highly convincing propaganda, manipulation, and the erosion of trust in media and institutions.
9.2 Strategic Shifts and Evolving Doctrines
- Normalization of Cyber Operations in Peacetime: The ‘persistent engagement’ and ‘defend forward’ doctrines indicate a shift towards continuous cyber operations, even outside declared armed conflict. This normalization means states will increasingly operate within each other’s networks, leading to a constant state of ‘pre-hostility’ or ‘grey zone’ conflict. This persistent activity makes deterrence more complex and the distinction between peace and war increasingly blurred.
- Blurring Lines Between Actors: The distinction between state-sponsored actors, private military contractors, and even organized cybercrime will become even more indistinct. States will likely continue to utilize proxies to achieve deniability, and financially motivated cybercriminals might find their operations co-opted or tolerated by states for strategic benefit, further complicating attribution and response.
- Hybrid Warfare: Cyber capabilities will be even more deeply integrated into hybrid warfare strategies, combining conventional military force, disinformation, economic coercion, and political subversion. Future conflicts will rarely be purely kinetic or purely cyber; they will be multi-domain, synergistic operations aiming for comprehensive effects.
- Cyber Deterrence Challenges: Developing effective cyber deterrence remains a formidable challenge. The unique characteristics of cyberspace (anonymity, speed, non-kinetic nature) complicate traditional deterrence models. Future deterrence strategies will likely involve a combination of defensive resilience, offensive retaliation capabilities, and diplomatic efforts to establish norms, though the latter faces significant hurdles.
- Global Cyber Arms Control and Norms: Despite significant disagreements, efforts to establish international norms of responsible state behavior in cyberspace will continue. However, the divergence of views between states advocating for an open, secure internet and those promoting ‘cyber sovereignty’ suggests that comprehensive, legally binding arms control treaties for cyber weapons remain unlikely in the near future. Instead, ad-hoc agreements, confidence-building measures, and bilateral understandings might gain traction.
- The Role of the Private Sector: The private sector, including cybersecurity vendors, cloud providers, and incident response firms, will play an ever-more critical role in national cybersecurity. Governments will increasingly rely on their expertise, intelligence, and infrastructure to defend against state-sponsored attacks, leading to closer public-private partnerships.
The future of cyber conflict is thus characterized by accelerated technological evolution, more sophisticated adversaries, and a persistent, multi-faceted struggle for dominance and security in the digital domain. Nations will need to continually adapt their strategies, doctrines, and investments in cybersecurity to navigate this complex and dynamic environment.
10. Conclusion
Cyberwarfare represents a transformative paradigm shift in the conduct of conflict, fundamentally altering the traditional understanding of national security and international relations. It masterfully blends cutting-edge technological innovation with established military strategies, introducing a new dimension of competition and confrontation. This report has meticulously explored its multifaceted nature, from examining its evolving definitions and tracing its historical evolution through seminal events like the Estonia attacks and Stuxnet, to identifying the formidable capabilities of key state actors such as the United States, Russia, and China, alongside the increasingly impactful roles of non-state entities.
The array of tactics employed, ranging from sophisticated espionage and critical infrastructure sabotage to pervasive propaganda and disruptive supply chain attacks, underscores the diverse methods by which adversaries seek to achieve strategic objectives. These operations have profound implications, threatening national security by destabilizing critical infrastructure, eroding public trust, and inflicting substantial economic damage, while simultaneously complicating international relations through the persistent problem of attribution, the risk of escalation, and the challenges of traditional deterrence.
The ethical and legal ambiguities inherent in applying existing laws of armed conflict to the digital realm remain a formidable hurdle, necessitating ongoing international dialogue and the development of new frameworks, as exemplified by the Tallinn Manual. Looking ahead, the trajectory of cyber conflict is inextricably linked to rapid technological advancements. The proliferation of AI and ML, quantum computing, the vast expansion of IoT devices, and the strategic importance of space assets will undoubtedly introduce new vulnerabilities and capabilities, leading to more sophisticated attacks and defensive measures. The normalization of persistent engagement in cyberspace further blurs the lines between peace and conflict, demanding continuous adaptation and vigilance from all stakeholders.
Understanding the intricate evolution, the diverse motivations and capabilities of its actors, the intricate tactics employed, and the far-reaching implications of cyberwarfare is no longer merely an academic exercise; it is an imperative for developing effective national defense strategies, fostering international cooperation, and navigating the complexities of the 21st-century geopolitical landscape. As the digital domain continues its relentless evolution, so too will the nature of cyber conflicts, demanding a continuous and dynamic adaptation of our collective response to safeguard global stability and security.
References
- Clarke, R. A. (2010). Cyber War: The Next Threat to National Security and What to Do About It. HarperCollins.
- Fiveable. (n.d.). Cyberwarfare. Retrieved from https://fiveable.me/key-terms/introduction-international-relations/cyberwarfare
- Harknett, R. J. (2020). Cyber Persistence, Offensive Realism, and the Future of Statecraft. Texas A&M University Press.
- Libicki, M. C. (2007). Conquest in Cyberspace: National Security and Information Warfare. Cambridge University Press.
- Nakasone, P. (2019, July 26). Persistent Engagement, USCYBERCOM’s Approach to Cyberspace. Cipher Brief.
- Schmitt, M. N. (Ed.). (2013). Tallinn Manual on the International Law Applicable to Cyber Warfare. Cambridge University Press.
- Schmitt, M. N. (Ed.). (2017). Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. Cambridge University Press.
- Threat Intelligence Lab. (n.d.). Understanding Cyberwarfare: Definition, Attacks, Examples. Retrieved from https://threatintelligencelab.com/blog/understanding-cyberwarfare-definition-attacks-examples/
- U.S. Department of Defense. (2018). Summary of the Department of Defense Cyber Strategy 2018.
- Wikipedia. (n.d.). Cyberwarfare. Retrieved from https://en.wikipedia.org/wiki/Cyberwarfare
- Wikipedia. (n.d.). Cyberwarfare and China. Retrieved from https://en.wikipedia.org/wiki/Cyberwarfare_and_China
- Wikipedia. (n.d.). Cyberwarfare by Russia. Retrieved from https://en.wikipedia.org/wiki/Cyberwarfare_by_Russia
- Wikipedia. (n.d.). Cyberweapon. Retrieved from https://en.wikipedia.org/wiki/Cyberweapon
